turbot/aws_compliance

Query: vpc_default_security_group_restricts_all_traffic

Usage

powerpipe query aws_compliance.query.vpc_default_security_group_restricts_all_traffic

Steampipe Tables

SQL

select
  arn resource,
  -- 'ok' only when the default security group has no inbound and no outbound rules
  case
    when jsonb_array_length(ip_permissions) = 0 and jsonb_array_length(ip_permissions_egress) = 0 then 'ok'
    else 'alarm'
  end status,
  -- reason states which rule sets (inbound, outbound, or both) are present
  case
    when jsonb_array_length(ip_permissions) > 0 and jsonb_array_length(ip_permissions_egress) > 0
      then 'Default security group ' || group_id || ' has inbound and outbound rules.'
    when jsonb_array_length(ip_permissions) > 0 and jsonb_array_length(ip_permissions_egress) = 0
      then 'Default security group ' || group_id || ' has inbound rules.'
    when jsonb_array_length(ip_permissions) = 0 and jsonb_array_length(ip_permissions_egress) > 0
      then 'Default security group ' || group_id || ' has outbound rules.'
    else 'Default security group ' || group_id || ' has no inbound or outbound rules.'
  end reason,
  region,
  account_id
from
  aws_vpc_security_group
where
  -- only the security group named 'default' in each VPC is evaluated
  group_name = 'default';

Controls

The query is being used by the following controls: